governmentwikiaorg-20200215-history
Minutes mailed to ECI
Gentlemen, On the 7th of August 2009, at the request of Kirit Somayia, Dr Anupam Saraph visited the ECI along with several technology experts. Security Expert Vijay Mukhi pointed out that the ECI should change its language that EVM's cannot be hacked as there is no technology that is hack proof. He also pointed out several holes in the EVM that can be used to compromise an EVM. Kirit Somayia highlighted the need to keep making improvements in the election process by seeking open and inclusive dialog with all stake-holders. He also highlighted the lack of audit of the votes or voters, as would exist in the finance profession. He asked the ECI to immediately switch to paper trail to EVMs. Here is the summary of the points Dr Anupam Saraph raised with the ECI: # Trust in EVMs: When people transact on an ATM and trust the machine in the wall with their hard earned money, the machine does NOT require any "observers", micro-observers", "agents of the bank", "agents of the Reserve Bank of India", "Representatives of the Account holder" etc. along with seals fixed on the machine by various persons, countersigned by others on specially printed paper from Nasik to build trust. Unfortunately, as indicated by the ECI during the meeting itself, the EVM has to be viewed in its totality, including the administrative checks and balances and the various processes. These include a paraphernelia of observers, micro-observers, polling agents, returning officers, counting agents etc. as well as several seals on paper printed at the government press in Nasik to ensure and create the perception of trust. The transaction slip that the ATM generates, the ability to check the balance anytime on the ATM or on a counter in the bank- even update a "passbook"- creates trust. The EVMs, however leave no such transaction trail and ability to build trust. They are purely faith based on the entire machinery and it is painful that the ECI is not giving adequate reasons to even build the faith in the machinery. The banking system also has a statutory Audit by a third party, not the manufacturer of the ATM or the bank. The EVM has no transaction trail, no audit and cannot be checked by anyone without the direction of the court. How many times had any audit been undertaken and where, by whom? Which of the "upgrade" features of EVMs were used on a regular basis and what were the results? Why instead was there no focus on simplifying the EVM to make it more trustable? # Consolidating databases: The election commission is required to track information on voters, constituencies, candidates, votes etc. This information is collected, stored and maintained in various databases of the ECI in multiple formats, multiple copies and multiple locations. There is no way to tell the authentic one. A query to one may generate a different answer from the other. There needs to be a broader open and inclusive technology reform agenda beyond the EVMs. # Tests and dummy data: The ECI must make public any tests, their schedule, the nature of such tests, the data used for such tests, the results obtained from such tests and the names of the persons and organizations responsible for such tests. Kirit Somayia asked the ECI to particularly comment on the queries raised by Prof Madhav Nalapat and Dr Anupam Saraph about the data available from the 6th of May. ECI Responses # The ECI agreed that the simplification of the EVM was needed- the need for such an elaborate machinery should be done away with. They agreed to compile the list of audits undertaken, if any, and make them available. While conceding that none of the upgrade features had been used to generate reports, they said they were there in-case of direction by the court. # The ECI agreed that it had need to consolidate the databases and ensure that the system would be less error prone. They agreed to create a "technology reform agenda" beyond the EVMs. # The ECI said that tests are conducted on the "Gensys" software that transmits the results to the website. These tests are to ensure that the candidate name and results columns match. They also sad all such tests are clearly labeled as tests on the website. They were unable to explain why the data available on the 6th of May through the 15th of May on the ECI website was not labeled test, was changing, was coded, did not display the candidate name and why the results were not uploaded on to the spreadsheet. They agreed that they would send a written communication about this serious issue. # The ECI conceded to the existence of holes, "easter eggs" in the software and the absence of any process other than "black-box" testing to confirm the source code on EVMs and rationalized saying that the proprietary nature of the technology, the elaborate administrative procedure and the seals made sure that the EVM was unhackable and safe. # Even while arguing that the EVM was not a computer, but just a calculator, the ECI was closed to releasing the source or making the technology open-sourced. Their argument: open source will generate clones that compromise the process. Actionable Points # An open and inclusive dialog on process simplification to include transaction trail and independent auditability to be initiated by the ECI. The ECI should participate in the technology reform wiki already set up by the various stake-holders. # The ECI to provide a detailed response on the manner it conducts tests and specifically the questions raised due to the availability of the 2009 results data in coded form between the 6th and 15th of May. # The wiki community to list out case with examples of how open-source or closed-source technologies can create more trusted, highly secure and contemporary voting processes. # The ECI to move to a paper trail to the EVM for all elections beginning immediately. # The paper trail to be used as an audit record that must be counted independently at different locations by third parties during the counting process. Please add your comments here References: #Tracking the elections #Questions about Indian democracy raised by the data on the ECI website #Voting Reforms: Options in an imperfect world #Copy of letter sent to the ECI requesting clarifications #Researching the coded database #Case for Election Reforms #Review the 2009 Lok Sabha Election Process: Promises and Reality #Results before Voting? #EVM Issues #Results before voting #Requirements form the ECI #Notes on the Meeting with the ECI With best wishes Sincerely Prof Madhav Nalapat and Dr Anupam Saraph encl: Previous unanswered letter Category:India Category:Elections